[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [bridgedb] 03/04: Support multiple shim tokens

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [bridgedb] 03/04: Support multiple shim tokens
From: gitolite role via tor-commits <tor-commits@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 16 Jan 2023 12:16:04 +0000
Auto-submitted: auto-generated
Cc: gitolite role <git@xxxxxxxxxxxxxxxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 16 Jan 2023 07:16:14 -0500
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1673871370; bh=73o6x6RvzcV+om20ESr6B8R2XJSL5Bzk8nfKwq8aavk=; h=Date:To:In-Reply-To:References:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=JQSlC/cLTZqlcpXlgyqJdY8ienaIaFznGsxm6m4H2AjL8fgW7Nb/MQYEpod8jLJid 9azINEk1YS2WJPY1J7xVNvr+W94ZORseItF9kxmTKoWIU33ByYP+Dsve9J7IT/sOIe Ll9W1jSIsa0is1AyKr5Am4qnfhBT6N9CmN/OIYHfgBJ88EWW2hpavDTeF4UOEhIHfz RDTGuJUpuAD1xrdR04sz+srPDaejjgjHESIB0fxBiZA12dOmkUlNAouHJv3Dsz9/x+ 4RMYfsiUX0Gt6MS+qUsT4hmcDpe63/Vg0XFxlWpUZh6XsiumnQE3td3GqzGNFXENgr 42Z08324NeYpg==
In-reply-to: <167387136134.6653.12164184341467695953@cupani.torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
References: <167387136134.6653.12164184341467695953@cupani.torproject.org>
Reply-to: meskio <meskio@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQAAEjRW8JLteBUZR6mvZe7PPLbUiA==

This is an automated email from the git hooks/post-receive script.

meskio pushed a commit to branch main
in repository bridgedb.

commit 4a11c2b453098f1499d2f196919fa365f6ab62bd
Author: meskio <meskio@xxxxxxxxxxxxxx>
AuthorDate: Thu Dec 15 15:38:01 2022 +0100

    Support multiple shim tokens
---
 bridgedb/configure.py                |  7 +++++--
 bridgedb/distributors/moat/server.py | 12 ++++++------
 bridgedb/test/moat_helpers.py        |  2 +-
 3 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/bridgedb/configure.py b/bridgedb/configure.py
index fd997e0..5447d85 100644
--- a/bridgedb/configure.py
+++ b/bridgedb/configure.py
@@ -165,11 +165,14 @@ def loadConfig(configFile=None, configCls=None):
 
     if os.path.isfile(config.MOAT_SHIM_TOKEN_FILE):
         with open(config.MOAT_SHIM_TOKEN_FILE) as f:
-            setattr(config, "MOAT_SHIM_TOKEN", f.read())
+            tokens = f.read().split("\n")
+            while "" in tokens:
+                tokens.remove("")
+            setattr(config, "MOAT_SHIM_TOKENS", tokens)
         if not os.path.isfile(config.MOAT_DUMMY_BRIDGES_FILE):
             logging.warning("The dummy bridges file '%s' doesn't exist" % (config.MOAT_DUMMY_BRIDGES_FILE,))
     else:
-        config.MOAT_SHIM_TOKEN = None
+        config.MOAT_SHIM_TOKENS = []
         logging.info("No shim-token provided, moat will answer each request with bridge authority bridges.")
 
     return config
diff --git a/bridgedb/distributors/moat/server.py b/bridgedb/distributors/moat/server.py
index fe59b99..303936e 100644
--- a/bridgedb/distributors/moat/server.py
+++ b/bridgedb/distributors/moat/server.py
@@ -493,7 +493,7 @@ class CaptchaCheckResource(CaptchaResource):
     def __init__(self, distributor, schedule, N=1,
                  hmacKey=None, publicKey=None, secretKey=None,
                  useForwardedHeader=True, skipInvalid=False,
-                 shim_token=None):
+                 shim_tokens=None):
         """Create a new resource for checking CAPTCHA solutions and returning
         bridges to a client.
 
@@ -508,7 +508,7 @@ class CaptchaCheckResource(CaptchaResource):
             X-Forwarded-For header instead of the source IP address.
         :param bool skipInvalid: Skip invalid (e.g., loopback, private) addresses
             when parsing the X-Forwarded-For header.
-        :param bytes shim_token: the token that should be included on the header
+        :param bytes shim_tokens: a list of tokens that should be included on the header
             'shim-token' on each request or dummy bridges will be provided.
         """
         CaptchaResource.__init__(self, hmacKey, publicKey, secretKey,
@@ -517,7 +517,7 @@ class CaptchaCheckResource(CaptchaResource):
         self.schedule = schedule
         self.nBridgesToGive = N
         self.useForwardedHeader = useForwardedHeader
-        self.shim_token = shim_token
+        self.shim_tokens = shim_tokens
 
     def createBridgeRequest(self, ip, data):
         """Create an appropriate :class:`MoatBridgeRequest` from the ``data``
@@ -763,7 +763,7 @@ class CaptchaCheckResource(CaptchaResource):
             qrcode = None
             bridgeRequest = self.createBridgeRequest(clientIP, client_data)
             bridges = []
-            dummyBridges = self.shim_token and request.getHeader('shim-token') == self.shim_token
+            dummyBridges = self.shim_tokens and request.getHeader('shim-token') in self.shim_tokens
             bridges = self.getBridges(bridgeRequest, dummyBridges)
             bridgeLines = self.getBridgeLines(bridgeRequest, bridges)
             moatMetrix.recordValidMoatRequest(request)
@@ -837,7 +837,7 @@ def addMoatServer(config, distributor):
     fwdHeaders = config.MOAT_USE_IP_FROM_FORWARDED_HEADER
     numBridges = config.MOAT_BRIDGES_PER_ANSWER
     skipInvalid = config.MOAT_SKIP_LOOPBACK_ADDRESSES
-    shim_token = config.MOAT_SHIM_TOKEN
+    shim_tokens = config.MOAT_SHIM_TOKENS
 
     logging.info("Starting moat servers...")
 
@@ -868,7 +868,7 @@ def addMoatServer(config, distributor):
     check = CaptchaCheckResource(distributor, sched, numBridges,
                                  hmacKey, publicKey, secretKey,
                                  fwdHeaders, skipInvalid,
-                                 shim_token)
+                                 shim_tokens)
 
     moat.putChild(b"fetch", fetch)
     moat.putChild(b"check", check)
diff --git a/bridgedb/test/moat_helpers.py b/bridgedb/test/moat_helpers.py
index 452c207..bfbe863 100644
--- a/bridgedb/test/moat_helpers.py
+++ b/bridgedb/test/moat_helpers.py
@@ -69,7 +69,7 @@ MOAT_N_IP_CLUSTERS = %r
 MOAT_ROTATION_PERIOD = %r
 MOAT_GIMP_CAPTCHA_HMAC_KEYFILE = %r
 MOAT_GIMP_CAPTCHA_RSA_KEYFILE = %r
-MOAT_SHIM_TOKEN = ""
+MOAT_SHIM_TOKENS = ""
 """ % (GIMP_CAPTCHA_DIR,
        SERVER_PUBLIC_FQDN,
        SUPPORTED_TRANSPORTS,

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

References:
- [tor-commits] [bridgedb] branch main updated (ba694e1 -> d266794)
  - From: gitolite role via tor-commits

Prev by Author: [tor-commits] [pluggable-transports/snowflake] 01/03: Parse ICE servers with pion/ice library function
Next by Author: [tor-commits] [stem] branch master updated: Python 3.11 compatibility fix for deprecated coroutine decorator
Previous by thread: [tor-commits] [bridgedb] 04/04: Update import that has being moved in python 3.10
Next by thread: [tor-commits] [bridgedb] 02/04: Update dependencies
Index(es):
- Author
- Thread